FBI seizes BreachForums after arresting its owner Pompompurin in March
U.S. law enforcement today seized the clear web domain of the notorious BreachForums (aka Breached) hacking forum three months after...
News
Fortinet fixes critical FortiNAC remote command execution flaw
Cybersecurity solutions company Fortinet has updated its zero-trust access solution FortiNAC to address a critical-severity vulnerability that attackers could leverage...
MOVEIt breach impacts Genworth, CalPERS as data for 3.2 million exposed
PBI Research Services (PBI) has suffered a data breach with three clients disclosing that the data for 4.75 million people...
The Week in Ransomware – June 23rd 2023 – The Reddit Files
It was a relatively quiet week regarding ransomware news, with the BlackCat ransomware gang extorting Reddit and the ongoing MOVEit...
Grafana warns of critical auth bypass due to Azure AD integration
Grafana has released security fixes for multiple versions of its application, addressing a vulnerability that enables attackers to bypass authentication...
LastPass users furious after being locked out due to MFA resets
LastPass password manager users have been experiencing significant login issues starting early May after being prompted to reset their authenticator...
American Airlines, Southwest Airlines disclose data breaches affecting pilots
American Airlines and Southwest Airlines, two of the largest airlines in the world, disclosed data breaches on Friday caused by the...
University of Manchester confirms data theft in recent cyberattack
Image: Ax Sharma The University of Manchester finally confirmed that attackers behind a cyberattack disclosed in early June had stolen...
Twitter Hacker Sentenced to 5 Years in Prison for $120,000 Crypto Scam
A U.K. citizen who took part in the massive July 2020 hack of Twitter has been sentenced to five years...
U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities (KEV)...
The Power of Browser Fingerprinting: Personalized UX, Fraud Detection, and Secure Logins
The case for browser fingerprinting: personalizing user experience, improving fraud detection, and optimizing login security Have you ever heard of...
US-CERT Vulnerability Summary for the Week of June 12, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
US-CERT Vulnerability Summary for the Week of June 12, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Cybercrime Group ‘Muddled Libra’ Targets BPO Sector with Advanced Social Engineering
A threat actor known as Muddled Libra is targeting the business process outsourcing (BPO) industry with persistent attacks that leverage...
NSA Releases Guide to Combat Powerful BlackLotus Bootkit Targeting Windows Systems
The U.S. National Security Agency (NSA) on Thursday released guidance to help organizations detect and prevent infections of a Unified...
The Power of Browser Fingerprinting: Personalized UX, Fraud Detection, and Secure Logins
The case for browser fingerprinting: personalizing user experience, improving fraud detection, and optimizing login security Have you ever heard of...
Powerful JavaScript Dropper PindOS Distributes Bumblebee and IcedID Malware
A new strain of JavaScript dropper has been observed delivering next-stage payloads like Bumblebee and IcedID. Cybersecurity firm Deep Instinct...
New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices
Internet-facing Linux systems and Internet of Things (IoT) devices are being targeted as part of a new campaign designed to...
NSA shares tips on blocking BlackLotus UEFI malware attacks
The U.S. National Security Agency (NSA) released today guidance on how to defend against BlackLotus UEFI bootkit malware attacks. BlackLotus...
Microsoft Teams bug allows malware delivery from external accounts
Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite restrictions in the...
Microsoft 365 users report Outlook, Teams won’t start or freezes
Network and IT admins have been dealing with ongoing Microsoft 365 issues this week, reporting that some end users cannot...
US-CERT Vulnerability Summary for the Week of June 12, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
US-CERT Vulnerability Summary for the Week of June 12, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
APT37 hackers deploy new FadeStealer eavesdropping malware
The North Korean APT37 hacking group uses a new 'FadeStealer' information-stealing malware containing a 'wiretapping' feature, allowing the threat actor...
